CVE-2021-41773
Fast python tool to test apache path traversal CVE-2021-41773 in a List of url
Usage :-
create a live urls file and use the flag "-l"
python3 apache_path_traversal.py -l urls-list.txt
Fast python tool to test apache path traversal CVE-2021-41773 in a List of url
Overview
Owner
Zahir Tariq
Applications Security analyst | bugs Hunter | python networking & scrapping lover
CSAW 2021 writeups
CSAW 2021 Writeups Challenge Category Solved by The Magic Modbus ics root2thrill Lazy Leaks Forensics root2thrill Poem Collection warm-up root2thrill
7 Oct 06, 2021
A Feature Rich Modular Malware Configuration Extraction Utility for MalDuck
Malware Configuration Extractor A Malware Configuration Extraction Tool and Modules for MalDuck This project is FREE as in FREE 🍺 , use it commercial
103 Dec 18, 2022
SSRF search vulnerabilities exploitation extended.
This tool search for SSRF using predefined settings in different parts of a request (path, host, headers, post and get parameters).
13 Jul 04, 2021
PKUAutoElective for 2021 spring semester
PKUAutoElective 2021 Spring Version Update at Mar 7 15:28 (UTC+8): 修改了 get_supplement 的 API 参数,已经可以实现课程列表页面的正常跳转,请更新至最新 commit 版本 本项目基于 PKUAutoElectiv
84 Sep 09, 2022
A tool that detects the expensive Carbon Black watchlists.
A tool that detects the "expensive" Carbon Black watchlists.
8 Aug 04, 2022
Python implementation for CVE-2021-42278 (Active Directory Privilege Escalation)
Pachine Python implementation for CVE-2021-42278 (Active Directory Privilege Escalation). Installtion $ pip3 install impacket Usage Impacket v0.9.23 -
250 Dec 31, 2022
windows电脑查看全部连接过的WiFi密码
python WIFI历史密码查看器 WIFI密码查看器 原理 win+R,输入cmd打开命令行窗口 #这个命令可以列出你所有连接过的wifi netsh wlan show profiles #替换你要查找的WiFi名称,就可以显示出这个wifi的所有信息,包括密码 netsh wlan show
15 Dec 22, 2022
Omega - From Wordpress admin to pty
The Linux tool to automate the process of getting a pty once you got admin credentials in a Wordpress site. Keep in mind that right now Omega only can attack Linux hosts.
12 Nov 09, 2022
Whois-Python - Get Whois Domain with Python GUI
Whois-Python-GUI Get Whois Domain with Python - GUI :) WARNING Dont Copy ! - W
3 Feb 21, 2022
CVE-2021-26084 - Confluence Pre-Auth RCE OGNL injection
CVE-2021-26084 - Confluence Pre-Auth RCE OGNL injection Usage usage: cve-2021-26084_confluence_rce.py [-h] --url URL [--cmd CMD] [--shell] CVE-2021-2
92 Jul 20, 2022
These are Simple python scripts to test/scan your network
Disclaimer This tool is for Educational purpose only. We do not promote or encourage any illegal activities. Summary These are Simple python scripts t
5 Oct 08, 2022
Use FOFA automatic vulnerability scanning tool
AutoSRC Use FOFA automatic vulnerability scanning tool Usage python3 autosrc.py -e FOFA EMAIL -k TOKEN Screenshots License MIT Dev 6613GitHub6613
48 Oct 25, 2022
Grafana-0Day-Vuln-POC
Grafana V8.0+版本存在未授权任意文件读取 0Day漏洞 - POC 1 漏洞信息 1.1 基本信息 漏洞厂商:Grafana 厂商官网:https://grafana.com/ 1.2 漏洞描述 Grafana是一个跨平台、开源的数据可视化网络应用程序平台。用户配置连接的数据源之后,Gr
3 Dec 13, 2021
CVE-2022-21907 - Windows HTTP协议栈远程代码执行漏洞 CVE-2022-21907
CVE-2022-21907 Description POC for CVE-2022-21907: Windows HTTP协议栈远程代码执行漏洞 creat
365 Nov 30, 2022
CVE-log4j CheckMK plugin
CVE-2021-44228-log4j discovery (Download the MKP package) This plugin discovers vulnerable files for the CVE-2021-44228-log4j issue. To discover this
4 Jan 08, 2022
Buff A simple BOF library I wrote under an hour to help me automate with BOF attack
What is Buff? A simple BOF library I wrote under an hour to help me automate with BOF attack. It comes with fuzzer and a generic method to generate ex
3 Nov 21, 2022
Quickstart resources for the WiFi Nugget, a cat themed WiFi Security platform for beginners.
Quickstart resources for the WiFi Nugget, a cat themed WiFi Security platform for beginners.
62 Jan 08, 2023
CVE-2021-22005 - VMWare vCenter Server File Upload to RCE
CVE-2021-22005 - VMWare vCenter Server File Upload to RCE Analyze Usage ------------------------------------------------------------- [*] CVE-2021-220
224 Aug 05, 2022
A python script to decrypt media files encrypted using the Android application 'Decrypting 'LOCKED Secret Calculator Vault''. Will identify PIN / pattern.
A python script to decrypt media files encrypted using the Android application 'Decrypting 'LOCKED Secret Calculator Vault''. Will identify PIN / pattern.
3 Sep 26, 2022
command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validation, attacker can exploit the vulnerability to launch a command injection attack by sending some messages with malicious commands.
CVE-2021-36260 CVE-2021-36260 POC command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validatio
165 Dec 21, 2022